As he flew from Minneapolis to Paris one morning last year, he considered tactics for getting the information he wanted without revealing the truth about his visit. Land O’Lakes, a giant agriculture cooperative, had hired him the year before to oversee the IT part of mergers and acquisitions. The first step is investigating a target company for major risks—“the big rocks,” as Stabenow says.

He was on the way to Geosys, a French firm that had developed algorithms for analyzing satellite images to help farmers track the health of their crops. Land O’Lakes already owned almost 10 percent of Geosys, and now it wanted to buy the rest. The opportunity to add a new line of business — selling this analytics service to its member farmers — was enticing as a strategic play in the fast-growing “precision agriculture” market.

Land O’Lakes has doubled its sales in seven years, from $7.1 billion in 2006 to $14.2 billion in 2013, and has pledged to offer new tools to its member farmers to help them improve their yields and profits. Stabenow had to find out whether the Geosys technology was solid enough to scale and whether overall IT at the company was sound. Just a handful of top executives at Geosys knew of Land O’Lakes’ intentions; most of the people Stabenow would be interviewing did not. The deal wasn’t definite, so speed and discretion were imperative.

CIOs: Prepare Yourself for M&As

You could soon find yourself in the same situation.

Whether they aim to boost revenues, break into new geographies, eliminate competition or otherwise expand an empire, M&A deals are on the rise. As of July, mergers and acquisitions were up 24 percent in number and 36 percent in value compared to the same period last year, according to FactSet Research Systems.

As companies posture during the sensitive early stages, CIOs must swoop in to perform due diligence, assessing the inner workings of someone else’s IT organization, on limited time, often in secret and typically with imperfect information.

“It’s like a puzzle,” says Michael Iacona, president of the Institute for Integrative Nutrition and former VP of technology for M&A at Thomson Reuters. “You collect pieces, and at the end of day, you won’t have it complete. But you can see the picture.”

It used to be that CIOs, tired of having IT be an afterthought, cried out to be brought into due diligence early on. But that’s no longer good enough. To make the most of a merger, companies need CIOs involved in a deal’s conception, says Jan Roehl-Anderson, a principal at Deloitte Consulting. CIOs who help shape the business case the company takes to Wall Street, she says, will be able to find not only risks but also potential rewards.

Yes, a CIO can spot IT problems that a CEO or CFO might miss, such as a decrepit application behind a pivotal business line that will take millions to stabilize. But in these digital days, sometimes only a technology leader can recognize IT assets that could increase the value of the deal.

That could be the target’s state-of-the-art data center, which could save you the expense of building one yourself. Or it could be a quiet group of data scientists with a killer algorithm for predicting customer behavior. Or, as the IT team at electronics distributor Avnet discovered during a recent deal investigation, it could be an internal training system that could be built up into a fast-growing source of revenue.

A higher standard for IT’s role in these deals is now emerging, says Dewey Ray, president of M&A consultancy Cognitive Diligence: “CIOs formulate theories about approaches to the acquisition itself and understand the business drivers.”

Or CIOs should, anyway. “Not many of us get trained in due diligence or mergers and acquisitions. You’re learning on the job,” says Steve Phillips, CIO of the $25 billion Avnet. Phillips has done 51 acquisitions in the past 10 years. “Your first one is always really hard.”

Right Process, Right People

After a buyer issues a letter of intent to a company it wants to purchase, the process soon moves to due diligence. A cadre of senior executives visits the target company to learn about its strategy, plans and basic operations and facilities. For a CIO, the point is to evaluate the state of IT there and how it matches yours. Where the two systems differ, there are risks to mitigate or opportunities to exploit. The trick is to quickly estimate the time, manpower and money needed for either kind of work.

Access can be limited when time is short. Smaller companies often don’t have the requested information readily available, says Cora Carmody, SVP of IT at Jacobs Engineering. Carmody has done a lot of deals: Acquisitions account for one-third of growth at the $11.8 billion company and are critical to meeting its goal of boosting profits by an average of 15 percent every year.

Some interviewees aren’t forthcoming because the acquisition is unwelcome or they’re afraid for their jobs. The Securities and Exchange Commission and other bodies govern what information can be disclosed or kept confidential at which stage of a transaction, says Rudy Puryear, who leads the IT practice at Bain and Co. For example, during due diligence, two companies cannot see each other’s “competitively sensitive” information, such as current or future pricing. But a neutral third party agreed upon by both companies can evaluate that data for them.

Before Comcast and Time Warner Cable announced their deal in February, the companies had shared information about equipment such as hardware, software and routers. But not until things progressed did they reveal more sensitive material, such as certain customer data. The rules are there to protect companies in case the deal falls apart, Puryear says.

Rather than setting up camp at the company headquarters, the two sides might use a neutral third party to run a “clean room,” physical or virtual, where material is shared and evaluated. That’s especially common when doing deals in other countries; you don’t want language barriers to blur the nuances in critical information. Participants sign nondisclosure contracts and agree to follow rules laid out by lawyers, such as no personal electronic devices in the clean room.

Deloitte’s Roehl-Anderson recalls one merger where the parties were especially worried about a leak. They taped paper to the windows of the conference room and installed a lock on the door. Retired executives with no vested interest in the deal, or in using the proprietary information afterward, assessed the data, diagrams, financial forecasts and other material. “If the merger didn’t go through, those people were gone anyway,” she says.

As an extra precaution against compromising vital information, companies sometimes hire consultants to do an initial assessment. A consultant might observe, for example, that there is little customer overlap between the two companies or that their product pricing strategies don’t mesh well, Puryear says. Players at the companies don’t see each other’s confidential data, but they do gain valuable insights about it, he says.

At Land O’Lakes, the Geosys transaction wouldn’t be huge, with an ultimate purchase price of $26 million. But Stabenow knew that creating a new business would be strategic, bringing in revenue for years to come—if all went well. To avoid sparking worried speculation among Geosys employees, he didn’t join his peers from finance and legal on their due diligence trip. He conducted the IT portion separately.

“We went in under the guise of an IT audit, given we were already part-owners,” he says.

As a result, he had access to lots of Geosys IT staff members knowledgeable in many areas. That’s not typical, though. ­Usually, just a small group of senior leaders is available. “Sometimes you’re speaking with the CFO and he’s struggling with getting the detailed answers you need,” he says.

Stabenow used an IT M&A playbook, which he had developed for Land O’Lakes CIO Mike Macrie, looking at items such as the age and stability of infrastructure equipment, downtime, and problem-resolution processes. The report was mostly good, save for disaster recovery and infrastructure—no deal-breakers. Macrie and the IT leadership team then began to mull ideas for fortifying those areas.

Macrie has been involved in more than 40 acquisitions in his career and knows they don’t all go as well as Geosys. After he joined Land O’Lakes in 2010, he wanted to formalize the acquisition process, to make it repeatable and speedy, and to help get the most value from each deal. Eventually, he saw the need to hire someone to manage IT’s role in M&A work, in part to improve relations with the Land O’Lakes strategy group. “Consistently, we were getting blindsided after a deal was done with very little IT due diligence,” he says. “We’d be asked to execute on things we had little visibility into.”

Macrie brought in Stabenow, a former colleague at Ingersoll Rand who had led M&As and divestitures for IT there. His MBA and experience with finance and global project management were attractive, Macrie says, because whoever filled the role had to be viewed as part of the business team. “We had to hire someone with the ability to talk about risk, planning and synergy targets,” Macrie says, “and how IT could be an enabler to possibly gaining more.”

Finding the Bad Stuff

Before any company can gain from an acquisition, however, the potential problems must be identified and weighed. IT risks can include old or multiple data centers, cybersecurity holes and onerous software license contracts. These items can result in huge costs to be borne by the buyer.

Unfavorable contracts with vendors often go undiscovered, says Roehl-Anderson. Maybe an agreement between the target company and a vendor obligates you to pay millions of dollars for maintenance in the next four years, subtracting from the synergy savings the acquisition was supposed to deliver, she says.

Software about to lose vendor support may need to be upgraded soon. “A CEO and CFO would never know that and it wouldn’t get disclosed in early conversations happening at a higher level,” Puryear says. “The CIO knows we’ve got a $20 million exposure here because we have to replace it within two years.”

IT problems alone typically won’t scuttle a deal, but they could change the negotiations or add to a pile of risks that ultimately turns a company off, says Iacona, who is also a former longtime CIO. One large company Thomson Reuters looked at when he was there ran some old technology that few IT people knew how manage, he recalls. That discovery went into the demerit column and Thomson Reuters ultimately dropped its pursuit, he says.

If an acquisition moves ahead despite sizeable risks, the buyer will sometimes ask for a pot of money to be placed in escrow, to be drawn from if needed during integration, says the consultant Ray, who is author of The IT Professional’s Merger and Acquisition Handbook. For example, if the buyer audits the acquired company’s compliance with software licenses and finds violations, then the buyer can use funds from the escrow account to pay for making the systems compliant.

Impress the Boss

M&A is a good time to try to improve your career standing. The projects are high on the CEO’s agenda and can make a substantial difference to the company. The IT leader who recognizes that a target company’s sales forecast is predicated in part on successful rollout of a new ERP system—and the project is going south—can bring unique insight to C-suite colleagues, Puryear says. “An informed CIO could suggest that maybe the company is not worth what it says it’s worth,” he says. “These things don’t appear on the surface, but a couple layers deeper.”

Avnet’s due diligence team happened upon valuable technology in 2012 when it was checking out Magirus Group, a data center technology distributor in Germany. They spotted a small but elegant online system the company used for internal training. They didn’t trumpet their interest, wanting to avoid showing their hand during negotiations, says CIO Phillips. “It was noted and we were thinking about it,” he says. “That increased the momentum to complete the transaction.”

After the deal closed, Magirus developers (now part of Avnet) scaled up the Magirus system, branded it Avnet Academy, and began selling it. Today it reaches paying customers in 59 countries.

At the very least, CIOs must understand the business drivers behind a deal. For example, Avnet bought Magirus for an immediate financial boost in Europe and the Middle East. Jacobs Engineering bought Federal Network Systems in July to build its business in the intelligence community and Eagleton Engineering in February to add expertise in oil pipeline design and construction.

CEOs, meanwhile, are getting smarter about the business implications of IT issues during a merger, Puryear says. He’s working on a deal between two large healthcare companies that each run about 80 percent of their operations on homegrown systems. “The CEOs realized very early that it was absolutely critical to sort out the platform issue sooner rather than later,” he says. “There are pervasive implications for strategy and operations.”

More executives will start to evaluate the intrinsic value of IT and data in the coming years, Ray predicts. But it’ll take awhile. “The M&A process is dominated by lawyers, advisers, accountants and investment bankers who are mired in the traditional approach to deal-making and not particularly open to nontraditional ways of thinking about finding value,” he says.

At Jacobs Engineering, SVP of IT Carmody expands her due diligence beyond IT to larger strategy discussions. For example, she helps vet acquisition candidates long before a bid is made, assessing whether the business, corporate culture and customer base would fit well with Jacobs.

In one recent acquisition, Carmody talked to a couple of big customers of the other company to get feedback about the customer experience, then took that intelligence to Jacobs’ board of directors to bolster the case for doing the deal. “I could tell the board it was a good fit,” she says.

Doing M&A transactions can be a potent way to enhance your skills as a business executive, says Roehl-Anderson at Deloitte. “It’s a great opportunity to differentiate yourself from other CIOs.”

Carmody, for example, is often appointed to the team that audits the report from the initial due diligence group, looking for holes in the information and analyzing the IT findings with an eye toward legal and financial implications—for example, how much wiggle room there might be in the target company’s enterprise license agreement with Microsoft.

Jacobs Engineering uses M&A as a stretch assignment. Bosses populate due diligence and integration teams with managers who meet tough criteria. Among them: Good general leadership qualities and the ability to plan large projects and to understand lots of legalese in IT contracts. Team members also must be able to travel and sometimes be away for weeks or months. “They have to dedicate not just their mind but their body,” she says.

As Land O’Lakes settled its acquisition of Geosys, Stabenow went on to provide guidance about M&A processes to the HR department. Macrie couldn’t be more pleased. Such a show of business know-how strengthened the relationship between IT and other colleagues, he says. “That was a great outcome.”

In January, Land O’Lakes expanded Stabenow’s job to add international management responsibilities. He declined to provide details about the potential deals he’s investigating now, but the company has said it plans to expand in China, Africa and Latin America.